Find out if you are affected by DNS Leaks

Martin Brinkmann
May 19, 2015
Updated • Aug 13, 2018
Security
|
5

Whenever you use anonymity or privacy solutions to protect your Internet traffic from being snooped on or to bypass censorship and location-based restrictions, you need to make sure data about your actual location in the world or underlying system is not leaked.

Sites that implement tools to check that data and compare it would find out immediately that you are using techniques to disguise your actual IP address and location in the world if the data differs.

A basic recent example is WebRTC, a new technology that most modern browsers support. Websites and services may use WebRTC to find out about IP addresses of your computer when enabled even if you use a VPN service.

Computers use the DNS system to translate domain names to IP addresses. When you enter a domain name in the browser DNS is used to look up the corresponding IP address to establish the connection.

The DNS server of the Internet Service Provider is used most of the time but it can be changed to third-party DNS providers like OpenDNS or Google DNS which promise faster look ups and may offer advanced features such as filtering of malicious sites.

Tip: You can also find out if your VPN provider leaks your device's "real" IP address.

DNS Leaks

DNS Leaks occur when look ups are made using the DNS server of the ISP when you are connected to a virtual private network or other anonymity and privacy solutions.

This may not always be an issue but if you work or live in a country that is censoring the Internet or blocking resources, then you better make sure that you are not affected by these leaks as you may end up with connection errors or repercussions even.

To check whether you are affected, visit the DNS Leak Test website and run the standard and then the extended test while you are connected to a VPN or other solutions.

The start page displays your IP address and location. The tests check whether information about visited sites and servers are leaked while you are using a VPN service.

If you only see the DNS server of the VPN service then you are not affected by leaks but if you see your ISP's server used there as well or exclusively, then you are affected and information about all sites and servers you visit manually or automatically are leaked to the ISP.

Transparent DNS proxies are one reason why DNS information may leak while you are using a VPN and have configured your system to either use the VPN's DNS server or a third-party server.

When this technology is used by the ISP, DNS lookup requests are intercepted by it which enforces the use of the ISP's DNS server even if you have changed DNS servers on the computer.

If you are using a third-party DNS provider, you may want to run the leak test on your system to make sure that it is indeed being used.

The test site lists two solutions to fix DNS leaks if that is the case. The automatic solution requires the use of OpenVPN, the manual that you run a series of commands on the command line. Both instructions are only provided for Windows systems, however.

If you do use specialized software to connect to VPN services, you may want to check the settings to find out if they support leak protection. The software of the popular VPN provider Nord VPN does for instance.

Now You: Are you affected by DNS Leaks?

Summary
Article Name
Find out if you are affected by DNS Leaks
Description
Find out if your system leaks DNS information to the Internet Service Provider and what you can do about it if that is the case.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. PhoneyVirus said on May 19, 2015 at 11:12 pm
    Reply

    An I thought I was the only one that lived in the middle of no were lol. Google DNS and OpenDNS would be favored over any other DNS service, personally though I always fine something wrong with these DNS services. I’ll stick with my IPS but will probably change over when I switch my network over to https.

  2. Wybo said on May 19, 2015 at 11:44 am
    Reply

    Another reason to switch to another DNS provider is that it potentially could speed up your internet connection.

    To test which DNS provider near your location is the best for you use: https://code.google.com/p/namebench/

    1. Martin Brinkmann said on May 19, 2015 at 11:53 am
      Reply

      That is a good point, especially since ISP DNS server are usually not the fastest.

  3. Craig said on May 19, 2015 at 10:44 am
    Reply

    I passed the extended test with no problems. Phew. :)

    1. Jeff said on May 19, 2015 at 4:58 pm
      Reply

      Same here. logged into VPN and tested as Zurich Switzerland (I’m in the U.S.) :-)

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.